5613 matches found
rVMI: Perform Full System Analysis with Ease
Manual dynamic analysis is an important concept. It enables us to observe the behavior of a sophisticated malware sample or exploit by executing it in a controlled environment. The information gathered through this process is often crucial in gaining a full understanding of a sample. When...
Security update for xen (important)
This update for xen fixes several issues. These security issues were fixed: - CVE-2017-14316: Missing bound check in function allocheappages for an internal array allowed attackers using crafted hypercalls to execute arbitrary code within Xen XSA-231, bsc1056278 - CVE-2017-14318: The function...
[SECURITY] Fedora 25 Update: xen-4.7.3-4.fc25
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
[SECURITY] Fedora 26 Update: xen-4.8.2-2.fc26
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
Provisioning services 7.x vdisk Imaging Procedure
To perform imaging sometimes after performing reverse imaging to create a new vDisk from a virtual machine on any residing hypervisor...
CVE-2017-8711
The Windows Hyper-V component on Microsoft Windows 10 1607 and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability". This CVE ID is...
The vulnerability of component mm.c (arch/x86/mm.c) in the Xen hypervisor and the XenServer server virtualization platform allows a perpetrator to increase their privileges.
The vulnerability of component mm.c arch/x86/mm.c in the Xen hypervisor and the XenServer server virtualization platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating locally, to enhance their privileges by using functions related t...
The vulnerability of the `xen_biovec_phys_mergeable` function in the `biomerge.c` driver (driver/xen/biomerge.c) of the Xen hypervisor and XenServer server virtualization platform allows a malicious actor to escalate their privileges, corrupt data flows of block devices, violate information confidentiality, and cause service failures.
The vulnerability of the xenbiovecphysmergeable function in the biomerge.c driver driver/xen/biomerge.c in the Xen hypervisor and XenServer server virtualization platform is related to deficiencies in access control for certain functions. Exploiting this vulnerability can allow an attacker to...
[SECURITY] [DSA 3969-1] xen security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3969-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 12, 2017 https://www.debian.org/security/faq -...
DEBIAN-CVE-2017-14318
An issue was discovered in Xen 4.5.x through 4.9.x. The function gnttabcacheflush handles GNTTABOPcacheflush grant table operations. It checks to see if the calling domain is the owner of the page that is to be operated on. If it is not, the owner's grant table is checked to see if a grant mappin...
ALPINE-CVE-2017-14316
A parameter verification issue was discovered in Xen through 4.9.x. The function allocheappages allows callers to specify the first NUMA node that should be used for allocations through the memflags parameter; the node is extracted using the MEMFgetnode macro. While the function checks to see if...
insufficient grant unmapping checks for x86 PV guests
ISSUE DESCRIPTION When removing or replacing a grant mapping, the x86 PV specific path needs to make sure page table entries remain in sync with other accounting done. Although the identity of the page frame was validated correctly, neither the presence of the mapping nor page writability were...
Design/Logic Flaw
A vulnerability in the ROM Monitor ROMMON code of Cisco IR800 Integrated Services Router Software could allow an unauthenticated, local attacker to boot an unsigned Hypervisor on an affected device and compromise the integrity of the system. The vulnerability is due to insufficient sanitization o...
CVE-2017-12223
A vulnerability in the ROM Monitor ROMMON code of Cisco IR800 Integrated Services Router Software could allow an unauthenticated, local attacker to boot an unsigned Hypervisor on an affected device and compromise the integrity of the system. The vulnerability is due to insufficient sanitization o...
CVE-2017-12223
A vulnerability in the ROM Monitor ROMMON code of Cisco IR800 Integrated Services Router Software could allow an unauthenticated, local attacker to boot an unsigned Hypervisor on an affected device and compromise the integrity of the system. The vulnerability is due to insufficient sanitization o...
Cisco IR800 Integrated Services Router ROM Monitor Input Validation Vulnerability
A vulnerability in the ROM Monitor ROMMON code of Cisco IR800 Integrated Services Router Software could allow an unauthenticated, local attacker to boot an unsigned Hypervisor on an affected device and compromise the integrity of the system. The vulnerability is due to insufficient sanitization o...
[SECURITY] Fedora 27 Update: xen-4.9.0-9.fc27
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
[SECURITY] Fedora 26 Update: xen-4.8.1-8.fc26
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
Xen Hypervisor Function Error Condition Handling Lock Release Failure Guest-to-Host DoS (XSA-235)
According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by flaw in the xenmemaddtophysmapone function in arch/arm/mm.c that is triggered as the application fails to release a lock when handling certain error conditions. This may allow a privilege...
[SECURITY] Fedora 26 Update: xen-4.8.1-7.fc26
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...